package com.cy;

import com.cy.realm.ShiroRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;

@SpringBootApplication
public class DbpmsAplication {
    public static void main(String[] args) {
        SpringApplication.run(DbpmsAplication.class,args);
    }

    @Bean
    public Realm getShiroRealm(){
        return new ShiroRealm();
    }

    @Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
        DefaultShiroFilterChainDefinition chainDefinition =
                new DefaultShiroFilterChainDefinition();
        //配置/user/login/**开头的资源，可以匿名访问(不用登录就可以访问),
        //其中 anon 为 shiro 框架指定的匿名过滤器
        chainDefinition.addPathDefinition("/user/login/**","anon");
        //配置登出操作
        chainDefinition.addPathDefinition("/user/logout","logout");
        //配置以/**开头的资源必须都要经过认证，
        //其中 authc 为 shiro 框架指定的认证过滤器
        chainDefinition.addPathDefinition("/**", "authc");
        return chainDefinition;
    }

}
